Examples with SecurityManager org.exist.security.SecurityManager used on opensource projects

Search in sources :

Example 66 with SecurityManager

use of org.exist.security.SecurityManager in project exist by eXist-db.

the class StoreResourceTest method prepareDb.

@BeforeClass
public static void prepareDb() throws EXistException, PermissionDeniedException, IOException, TriggerException {
    final BrokerPool pool = existWebServer.getBrokerPool();
    final SecurityManager sm = pool.getSecurityManager();
    try (final DBBroker broker = pool.get(Optional.of(sm.getSystemSubject()));
        final Txn transaction = pool.getTransactionManager().beginTransaction()) {
        final Collection collection = broker.getOrCreateCollection(transaction, TEST_COLLECTION_URI);
        PermissionFactory.chmod(broker, collection, Optional.of(511), Optional.empty());
        broker.saveCollection(transaction, collection);
        createGroup(broker, sm, GROUP1_NAME);
        createUser(broker, sm, USER1_NAME, USER1_PWD, GROUP1_NAME);
        createUser(broker, sm, USER2_NAME, USER2_PWD, GROUP1_NAME);
        transaction.commit();
    }
}
Also used : SecurityManager(org.exist.security.SecurityManager) Collection(org.exist.collections.Collection) Txn(org.exist.storage.txn.Txn)

Example 67 with SecurityManager

use of org.exist.security.SecurityManager in project exist by eXist-db.

the class CopyResourceTest method prepareDb.

@BeforeClass
public static void prepareDb() throws EXistException, PermissionDeniedException, IOException, TriggerException {
    final BrokerPool pool = existWebServer.getBrokerPool();
    final SecurityManager sm = pool.getSecurityManager();
    try (final DBBroker broker = pool.get(Optional.of(sm.getSystemSubject()));
        final Txn transaction = pool.getTransactionManager().beginTransaction()) {
        final Collection collection = broker.getOrCreateCollection(transaction, TEST_COLLECTION_URI);
        PermissionFactory.chmod(broker, collection, Optional.of(511), Optional.empty());
        broker.saveCollection(transaction, collection);
        createGroup(broker, sm, GROUP1_NAME);
        createUser(broker, sm, USER1_NAME, USER1_PWD, GROUP1_NAME);
        createUser(broker, sm, USER2_NAME, USER2_PWD, GROUP1_NAME);
        transaction.commit();
    }
}
Also used : SecurityManager(org.exist.security.SecurityManager) Collection(org.exist.collections.Collection) Txn(org.exist.storage.txn.Txn)

Example 68 with SecurityManager

use of org.exist.security.SecurityManager in project exist by eXist-db.

the class DigestAuthenticator method authenticate.

@Override
public Subject authenticate(HttpServletRequest request, HttpServletResponse response, boolean sendChallenge) throws IOException {
    final String credentials = request.getHeader("Authorization");
    if (credentials == null) {
        sendChallenge(request, response);
        return null;
    }
    final Digest digest = new Digest(request.getMethod());
    parseCredentials(digest, credentials);
    final SecurityManager secman = pool.getSecurityManager();
    final AccountImpl user = (AccountImpl) secman.getAccount(digest.username);
    if (user == null) {
        // If user does not exist then send a challenge request again
        if (sendChallenge) {
            sendChallenge(request, response);
        }
        return null;
    }
    if (!digest.check(user.getDigestPassword())) {
        // If password is incorrect then send a challenge request again
        if (sendChallenge) {
            sendChallenge(request, response);
        }
        return null;
    }
    return new SubjectAccreditedImpl(user, this);
}
Also used : SecurityManager(org.exist.security.SecurityManager) MessageDigest(java.security.MessageDigest) SubjectAccreditedImpl(org.exist.security.internal.SubjectAccreditedImpl) AccountImpl(org.exist.security.internal.AccountImpl)

Aggregations

SecurityManager (org.exist.security.SecurityManager)68 DBBroker (org.exist.storage.DBBroker)22 Txn (org.exist.storage.txn.Txn)16 Account (org.exist.security.Account)15 BrokerPool (org.exist.storage.BrokerPool)15 Subject (org.exist.security.Subject)12 EXistException (org.exist.EXistException)11 PermissionDeniedException (org.exist.security.PermissionDeniedException)9 XPathException (org.exist.xquery.XPathException)9 AuthenticationException (org.exist.security.AuthenticationException)8 GroupAider (org.exist.security.internal.aider.GroupAider)6 Collection (org.exist.collections.Collection)5 Group (org.exist.security.Group)5 Database (org.exist.Database)4 UserAider (org.exist.security.internal.aider.UserAider)4 LockedDocumentMap (org.exist.storage.lock.LockedDocumentMap)4 Test (org.junit.Test)4 java.util (java.util)2 List (java.util.List)2 HttpSession (javax.servlet.http.HttpSession)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial